search

open-eid / digidoc4j

DigiDoc for Java. Javadoc:
http://open-eid.github.io/digidoc4j
GNU Lesser General Public License v2.1
73 stars 39 forks source link

Unable to finalize signature - for all types of containers #82

Closed vrezhar closed 4 years ago

vrezhar commented 4 years ago

Using digidoc4j 3.0.0 in TEST configuration mode, we are unable to finalize digital signatures Code sample:

Configuration ddTestConfiguration = new Configuration(Configuration.Mode.TEST)
    ddTestConfiguration.setTslLocation("https://open-eid.github.io/test-TL/tl-mp-test-EE.xml")
    Container container = ContainerBuilder
            .aContainer("ASICE")
            .withConfiguration(ddTestConfiguration)
            .withDataFile(someDataFile)
            .build()
    X509Certificate certificate = getCertificate()
    DataToSign dataToSign = SignatureBuilder.
            aSignature(container).
            withSigningCertificate(certificate).
            withSignatureProfile(SignatureProfile.LT).
            withSignatureDigestAlgorithm(DigestAlgorithm.SHA256).
            buildDataToSign()
    byte[] signedValue = sign(dataToSign.getDataToSign())
    container.addSignature(dataToSign.finalize(signedValue))//exception occurs on finalize() call

Stacktrace as follows:

Signing document in DSS failed:java.lang.IllegalArgumentException: Not supported: http://javax.xml.XMLConstants/property/accessExternalDTD
Caused by: org.digidoc4j.exceptions.TechnicalException: Got error in signing process:
    at org.digidoc4j.impl.asic.xades.XadesSigningDssFacade.signDocument(XadesSigningDssFacade.java:122)
    at org.digidoc4j.impl.asic.AsicSignatureBuilder.finalizeSignature(AsicSignatureBuilder.java:103)
    at org.digidoc4j.DataToSign.finalize(DataToSign.java:96)
Caused by: eu.europa.esig.dss.DSSException: java.lang.IllegalArgumentException: Not supported: http://javax.xml.XMLConstants/property/accessExternalDTD
    at eu.europa.esig.dss.xades.DSSXMLUtils.serializeNode(DSSXMLUtils.java:170)
    at eu.europa.esig.dss.xades.signature.XAdESSignatureBuilder.signDocument(XAdESSignatureBuilder.java:797)
    at eu.europa.esig.dss.xades.signature.XAdESLevelBaselineB.signDocument(XAdESLevelBaselineB.java:91)
    at eu.europa.esig.dss.xades.signature.XAdESService.signDocument(XAdESService.java:118)
    at eu.europa.esig.dss.xades.signature.XAdESService.signDocument(XAdESService.java:148)
    at org.digidoc4j.impl.asic.xades.XadesSigningDssFacade.signDocument(XadesSigningDssFacade.java:119)
    ... 106 common frames omitted
Caused by: java.lang.IllegalArgumentException: Not supported: http://javax.xml.XMLConstants/property/accessExternalDTD
    at org.apache.xalan.processor.TransformerFactoryImpl.setAttribute(TransformerFactoryImpl.java:574)
    at eu.europa.esig.dss.DomUtils.getSecureTransformerFactory(DomUtils.java:119)
    at eu.europa.esig.dss.DomUtils.getSecureTransformer(DomUtils.java:129)
    at eu.europa.esig.dss.xades.DSSXMLUtils.serializeNode(DSSXMLUtils.java:150)

Logs:

2020-10-01 19:49:32.429  INFO --- [nio-8080-exec-6] o.d.impl.asic.AsicSignatureBuilder       : Getting data to sign
2020-10-01 19:49:32.441  INFO --- [nio-8080-exec-6] e.e.e.d.v.CommonCertificateVerifier      : + New CommonCertificateVerifier created.
2020-10-01 19:49:32.487  INFO --- [nio-8080-exec-6] org.digidoc4j.Configuration              : Source by country <EE> not found, using default TSP source
2020-10-01 19:49:32.579  WARN --- [nio-8080-exec-6] e.e.e.d.s.BaselineBCertificateSelector   : Issuer not found for certificate 85DB0B4E6E1A68529A18CC05E9FBC7E6F5A688C0419D3087DE46DAF938D8FA91
2020-10-01 19:49:58.470  WARN --- [nio-8080-exec-6] o.d.i.asic.xades.XadesSigningDssFacade   : Signing document in DSS failed:java.lang.IllegalArgumentException: Not supported: http://javax.xml.XMLConstants/property/accessExternalDTD

FYI - We are using MobileId REST API for signatures/certificates.

smartman commented 4 years ago

Can it be because of pom.xml dependency issues? This post has very similar stack trace https://stackoverflow.com/questions/56147602/getting-not-supported-http-javax-xml-xmlconstants-property-accessexternaldt

naare commented 4 years ago

https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers#getting-an-illegalargumentexception-from-release-211-onward-or-saxnotrecognizedexception-manifested-in-400-rc1

vrezhar commented 4 years ago

Thanks for the help, setting javax.xml.transform.TransformerFactory to "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl" solved the issue